wnpa-sec-2010-11 · Vulnerabilities in Wireshark


Name: Vulnerabilities in Wireshark

Docid: wnpa-sec-2010-11

Date: October 11, 2010

Affected versions: {{ start_version }} up to and including {{ end_version }}

Fixed versions: 1.2.12

Related: wnpa-sec-2010-12 (ASN.1 BER vulnerability in Wireshark version 1.4.0 )



Wireshark 1.2.12 fixes the following vulnerability:

  • The Penetration Test Team of NCNIPC (China) discovered that the ASN.1 BER dissector was susceptible to a stack overflow. (Bug 5230) Versions affected: All previous versions up to and including 1.2.11 and 1.4.0. CVE-2010-3445


It may be possible to make Wireshark crash by injecting a series of malformed packets onto the wire or by convincing someone to read a malformed packet trace file.


Upgrade to Wireshark 1.2.12 or later. Due to the nature of these bugs we do not recommend trying to work around the problem by disabling dissectors.